Commit | Line | Data |
---|---|---|
f6b4ffdc MW |
1 | #! /bin/sh -ex |
2 | ||
3 | : ${vgtag=@backup} ${vgprefix=vg-backup-} | |
4 | : ${mntbkpdir=/mnt/bkp} | |
5 | : ${STOREDIR=$mntbkpdir/store} ${METADIR=$mntbkpdir/meta} | |
6 | : ${RANDOM=/dev/random} | |
7 | ||
8 | case $# in | |
9 | 2) tag=$1 pv=$2 ;; | |
10 | *) echo >&2 "usage: $0 TAG PV" ;; | |
11 | esac | |
12 | vg=$vgprefix$tag | |
13 | ||
14 | vgcreate --addtag $vgtag $vg $pv | |
15 | ||
16 | lvcreate -L64M -nmeta $vg | |
17 | mkfs -text3 -Lmeta /dev/$vg/meta | |
18 | mount /dev/$vg/meta $METADIR | |
19 | ||
20 | echo $tag >$METADIR/volume | |
21 | dd if=$RANDOM bs=1 count=512 | | |
22 | cryptop encrypt backup >$METADIR/crypt.blob | |
23 | ||
24 | lvcreate -l100%FREE -ncrypt $vg | |
25 | cryptop decrypt backup <$METADIR/crypt.blob | | |
26 | cryptsetup luksFormat \ | |
27 | --cipher=twofish-xts-benbi:sha256 \ | |
28 | --hash=sha256 --key-size=256 \ | |
29 | /dev/$vg/crypt - | |
30 | ||
31 | cryptop decrypt backup <$METADIR/crypt.blob | | |
32 | cryptsetup luksOpen --key-file=- /dev/$vg/crypt cbackup | |
33 | ||
34 | mkfs -text3 -Lbackup /dev/mapper/cbackup | |
35 | ||
36 | mount /dev/mapper/cbackup $STOREDIR | |
37 | touch $STOREDIR/.rsync-backup-store |